The financial services industry has a hierarchical, structured and siloed culture. Risk management functions across different banks have inherited and reinforced this organisational philosophy. When banks started to be aware of their rampant exposure to financial crime risk, they applied the very same approach as in other areas of risk. Do banks use the proper organisational structure for tackling financial crime?
Know Your Client(KYC) and Transaction Monitoring(TM) are two critical components used by most banks to assess, analyse and measure their exposure to financial crime compliance risk. Nevertheless, despite serving a common goal, KYC and TM are disjointed. In most banks, KYC and TM are harboured in different departments, follow different processes and use different systems, thereby having minimal interactions.
Siloed approach
While being used mainly during clients’ onboarding, KYC spans over the entire client’s life cycle. The knowledge relative to a client crystallises over time with each new piece of information gleaned from different sources. The client discovery process does not resume to checking the ID and the proof of address. It needs information about the client’s transactions, counterparties, and their respective features. KYC and TM follow a siloed approach, which considerably limits the client discovery process and generates unforeseen risks.
Wrong-way risk
The wrong way risk is a crucial concern in counterparty risk management. The wrong way risk occurs when a counterparty's creditworthiness decreases with its exposure. When transposed to financial crime, the wrong way risk means that a client deemed low-risk during the initial KYC exhibits high-risk transactions. Such behaviours are difficult to assess in environments where the two functions, KYC and TM, do not interact.
Backtesting methods
Backtesting the methodologies used for measuring the financial crime risk has been one of the biggest burdens of compliance departments. The main issue is the lack of relevant data required to compare the predicted and observed losses stemming from financial crime risk. Nevertheless, the lack of interaction between datasets related to customers’ screening and transactions’ records hinders the backtesting of such methodologies. In fact, most banks apply models for their compliance risk, which cannot pass through a sound validation process.
Most compliance officers ignore the fact that the initial screening assessment can be used as a benchmark for the transaction monitoring methodology and vice-versa. All things equal, a high-risk customer should exhibit a pattern of risky transactions. In addition, a customer executing high-risk transactions should have been deemed as high risk through the initial screening process.
Bridging the gap
Transaction monitoring starts with the client’s onboarding. While most institutions are aware of this issue, bridging the gap between KYC and TM raises organisational and technological challenges. The two functions use different systems with different technologies, thereby making their linkage difficult and expensive. Moreover, assessing the initial profile of sophisticated clients requires graph-based approaches (such as Know Your Network ™ ). Graph-based technologies can easily monitor money transfer or trading activity and build the bridge between KYC and TM.
“I believe in having each device secured and monitoring each device, rather than just monitoring holistically on the network, and then responding in short enough time for damage control.”
Kevin Mitnick, American computer security consultant, author, and convicted hacker
Focus: Sanjay Shah
The Financial Conduct Authority imposes a financial penalty of 642,400 GBP on Sunrise Brokers LLP in a final notice. Sunrise Brokers was one of the many small pieces of a bigger puzzle engineered by Sanjay Shah, the Cum-Ex Golden Boy. Sanjay Shah controlled from Dubai four FCA authorised firms (known as the Solo Group): Solo Capital Partners LLP, a brokerage firm licensed in March 2012, West Point Derivatives Ltd, a broker in the derivatives market, authorised in July 2005, Old Park Lane Capital Ltd, first licensed in April 2008 and Telesto Markets LLP a custodian bank authorised on 27 August 2014.
Shah’s network spanned over several jurisdictions and encompassed up to 100 companies. Between 17 February 2015 and 4 November 2015, Sunrise operated fraudulent transactions with four FCA authorised entities part of the Solo Group. The Solo Clients were off-shore companies, including Malaysian incorporated entities and several individual US pension plans. The clients were introduced by the Solo Group, which purported to provide clearing and settlement services as Custodian to clients within a closed network.
Sunrise executed OTC equity Cum-Dividend Trades to the value of approximately 25.4 billion GBP in Danish equities and 11.2 billion GBP in Belgian equities, and received commission of 466,652 GBP.
Word on the street: Mafia and football
The former Italian international Fabrizio Miccoli was sentenced to three and a half years for association with the Sicilian mafia in an extorsion affair. The 42-year-old former player of Palermo and Juventus is paying his dues for a crime back in 2010. At that time, he used his ties with the son of a Sicilian mafia boss to extort a nightclub owner who owed him money. However, during a press conference in 2013, Miccoli stated that he is innocent and not a criminal but a footballer.
Miccoli has played for Palermo and Perugia, Juventus (2003-2004) and Fiorentina. After playing for different prominent clubs in Serie A, he represented Benfica from 2005 to 2007. He ended his professional career in 2015.
The speculation related to criminal organisations' involvement in professional football is not recent. For example, allegations of match-fixing and extortion were brought forward since the 1980s when Diego Maradona was suspected of ties with the notorious Neapolitan Camorra.